WHAT IS CLAIMED IS: 

1 . A method for proving ownership of an address of a first node in an IP 
based communication system, 

wherein said first node has a private key and public key pair, 
generating an address using the public key; and 
providing said address to a second node, 

wherein said second node sends an address verification request to said first 
node, and 

wherein said first node proving to said second node that it owns said 
address by providing an address verification answer generated using said private 
key corresponding to said public key. 

2. A method according to claim 1 , wherein the step of generating an 
address comprises the steps of: 

computing a function using the public key to generate an address 
generation value; and 

generating an address, preferably a dynamic address, using said address 
generation value. 

3. A method of claim 1 , wherein the address is an IPv6 (IP version 6) 
address. 

4. A method of claim 1 , wherein said first node generates a pair of 
private/public keys according to an identification protocol. 
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5. A method of claim 4, wherein the identification protocol is a zero 
knowledge identification protocol. 

6. A method of claim 1 , wherein the address generation value is 
computed applying a hash function to the public key. 

7. A method of claim 1 , wherein said first node uses the address 
generation value as a suffix for generating said dynamic address. 

8. A method of claim 1 , wherein said address verification request sent 
by said second node includes a cookie and a challenge. 

9. The method of claim 8, wherein said cookie is computed by said 
second node using a security algorithm and a security key of said second node. 

10. The method of claim 8, wherein said challenge is a random number. 

1 1 . The method of claim 8, wherein said first node computes a response 
by applying said private key to said challenge. 

12. The method of claim 1 1 , wherein said first node sends an address 
verification response including said cookie, said response and said public key. 

13. The method of claim 1, wherein said second node verifies that said 
first node owns said address by computing a hash of said public key and 
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comparing the resulting value with said address generating value in a suffix of said 
dynamic address, and by applying said public key to said response and comparing 
the result with said challenge. 

14. Method for proving ownership of an IP address of a node in an IP 
based communication system, 

wherein the node generates the IP address based on passwords used only 
once, another node receiving the IP address verifies that the node owns the IP 
address by checking the password. 

15. A method of claim 14, wherein the node generates the IP address 
using an advertised network prefix and the password as the suffix. 

16. A method of claim 14, wherein the node includes a number into the 
generated IP address, the number being incremented or decremented each time 
the IP address is transmitted to the another node, the another node additionally 
checking the number for verifying ownership of the IP address. 

17. A system for proving ownership of an address of a first node in a IP 
based communication system, wherein the node comprises: 

providing means for providing a private key and a public key pair, 
address generating means for generating the address using the public key, 
answer generating means for proving ownership of said address by 
providing an address verification answer to at least one address verification 
request sent by a second node, the answer being generated using the private key 



corresponding to the public key. 



18. A system of claim 17, wherein said address generating means 
comprises computing means for computing an address generation value using the 
public key, and means for generating an address, preferably a dynamic address, 
using said address generation value. 

19. A system of claim 17, wherein said generation means is adapted for 
generating said private key and said public key according to an identification 
protocol. 

20. A system of claim 19, wherein the identification protocol is a zero- 
knowledge identification protocol. 

21 . A system of claim 1 7, wherein the address is an IPv6 (IP version 6) 
address. 

22. A system of claim 18, wherein the computing means is adapted for 
computing, as the function using the public key, a hash of the public key. 

23. A system of claim 18, wherein the address generating means is 
adapted to use the computing result as the suffix of the address generated by the 
node. 

24. A system for proving ownership of an IP address of a node in an IP 
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based communication system, 

wherein the node comprises generating means for generating the IP 
address based on passwords used only once, 

another node receiving the IP address comprising verifying means for 
verifying that the node owns the IP address by checking the password. 

25. A system of claim 24, wherein the generating means generates the 
IP address using an advertised network prefix and the password as the suffix. 

26. A system of claim 24, wherein the generating means is adapted to 
include a number into the generated IP address, the number being incremented or 
decremented each time the IP address is transmitted to the another node, the 
another node additionally checking the number for verifying ownership of the IP 
address. 



31 



